Rants of a deranged squirrel.

2007 Black Hat / DEF CON

Tuesday, July 31st, 2007 – Black Hat – Day 1

Flight was uneventful. McCarran has a new car rental complex a ways from the airport. Leaving the complex dumps you directly on the strip, how convenient! I imagine someone on the tourism board is happy with themselves.

Rented from Hertz as usual. While I did receive a mostly free upgrade from compact to full-size with GPS thrown in, the car came with on-board warnings about tire and oil pressure. The GPS apparently saved a co-worker who had to ferry another 10 miles off strip, but it failed miserably in helping us find a real bank branch we needed (it likes to report any ATM as a bank location).

This year we stayed at the Platinum Hotel & Spa which had obscenely good prices considering the hotel. Finished in late 2006, the rooms are actually individually owned and rented out like time shares from what I understand. The larger regular rooms are 1200 square feet and have a full size fridge, three seat bar, washer/dryer, balcony with four seat table, king+ size bed, huge jacuzzi tub, large shower and more. The exercise room and pool were more than adequate and the complimentary valet parking a nice touch, even though I prefer having free self-park if given the choice. Since the hotel is off strip the bar doesn’t get much traffic which is a shame, as the bartender Christie is really cute and very personable.

The Black Hat speaker party was fairly empty but nice of the organizers.

Wednesday, August 1st, 2007 – Black Hat – Day 2

Wednesday was the first of the long days many of us come to expect from con. Despite being up at an early hour I still ended up missing (skipping) many talks. Seems like each year the talks get more bland, more repetitious or offered at DEF CON too.

I participated in Hacker Court again, this year focusing on the legality of border searches as pertains to electronics and digital material. As with previous years, we had a great lineup of professionals participating. Kevin Bankston (EFF lawyer), Jennifer Grannick (Executive Director, Center for Internet and Society), Richard Salgado (former DOJ lawyer), Jon Klein (forensics expert) and Jesse Kornblum (forensics expert) under the guidance of Carole Fennelly put on a mock trial that explores legal issues surrounding computers, security and the law that haven’t been tested in the courts. For those interested in computer law, this presentation is fascinating on many levels. While it can be long for a conference presentation (pushing a bit past two hours), it is interlaced with humor and popular media references to keep the crowd happy. Despite the experts and unique presentation, Black Hat keeps pushing us more and more out of the way each year. Last minute cuts on the time slot, last minute room changes, virtually no press/advertising even though it is often the only talk and always concurrent with free food and an open bar. People still don’t realize they can get the free food/booze, walk 25 feet and sit down to enjoy it in the presentation room. All said and done, it ends up being a long involved process for preparing and organizing for very few people watching.

That evening I visited the party put on by Cisco at Pure. Had a relaxed evening with good food, free booze and a chance to chat with some of the Cisco folks that I have business dealings with.

We missed the SPI Dynamics part at Tao unfortunately. While Spudlet and I wanted to check out the club and I wanted a chance to talk with SPI more regarding their product, they had invited some 300+ people to a party that could only accommodate 150 or so due to the space they had reserved. Sorry SPI, if I want to wait in line for a Vegas club, I can do that any night.

Following suit, the OWASP party at the Shadow Bar in Caesars was overbooked and had a long line. Given the small size of the bar, they really should have known to find more room. Perhaps we can joke about OWASP being vulnerable to an overflow situation. I regret missing this as I had wanted to discuss various aspects of OWASP as relates to OSVDB.

Fortunately, the VIM informal sit down went well. Folks from CVE, Secunia and OSVDB had a great discussion about issues pertaining to vulnerability databases. This was the first time we had met some guys from Secunia so it was nice getting their perspective as their database is commercial and offers a different perspective.

Thursday, August 2nd, 2007 – Black Hat – Day 3

Thursday started with a simple breakfast with Lyger and BK. I stole half his boiled egg off the chef salad he ordered and failed to finish. We headed back to the convention to listen to a turbo talk titled “Social Network Site Data Mining” by Stephen Patton (CISSP!). This talk should have been titled “Look ma, free entry into con!” as it was barely worthy of being called “remedial web surfing social sites“. The fact that this guy actually investigates anything is scary and I couldn’t even bring myself to point out all of the flaws in his talk after the first I brought up.

Rick, DK, Lyger and I had decided to grab lunch at Spago. Besides knowing it was an upscale restaurant by Wolfgang Puck, I had only heard it was snooty and joked about in the song Car Phone by Sheeler & Sheeler / Dr. Demento. The front of the restaurant opened up to the Forum Shops attached to Caesars Palace and before we hit the host I joked about not being pretty enough to sit out there. A minute later the host suggested we could get immediate seating in the back, implying we were either too ugly for the front or all of those tables magically had reservations ten minutes after they had opened. We laughed and sat at the back of the pretty social bus, three of us enjoying a shrimp po’boy sandwich, Lyger enjoying two Bud Lites (how else does he maintain his girlish figure?!)

Shortly after we returned to the convention and caught “Revolutionizing the Field of Grey-box Attack Surface Testing with Evolutionary Fuzzing” by Jared DeMott (President, VDA Labs). His talk and new fuzzing tool were definitely interesting, but the slides with the background of Jesus carrying a cross (and no joke/explanation) were a bit weird. We headed to the next talk quietly reflecting our lord and savior (or joking about fuzzing jesus). Next up was “Unforgivable Vulnerabilities” by Steven Christey of CVE/MITRE. At the conclusion of his great talk I wondered if anyone else saw the hypocrisy of Litchfield/NGSS calling for VAAL, which is heavily dependent on publishing vulnerability information, which NGSS simply does not do. At the end, I also then questioned that if we called vulnerabilities in regular software “unforgivable”, what do we call vulnerabilities in security software? The best answer anyone came up with was “criminal” to which I agreed.

We spent a considerable amount of the afternoon talking with vendors, specifically Cenzic and SPI Dynamics, as many folks at work are no longer happy with Watchfire’s Appscan. Both tools have promise and we will be testing them the coming weeks. The fact that an extremely well respected web application hacker type works for one is re-assuring. Hopefully one of them works out.

Later that evening we hit Hooters Hotel for the Hooters restaurant and some hot wings, for the yearly OSVDB mangler dinner. Hot wings, booze and boobs, what a way to celebrate open source projects! Next up was the Microsoft party at Pure, this time on the terrace. While it does have a really swell view of the strip, it’s Las Vegas in the dead of summer and hot as hell. Miserably so. Worse when the music is still set to “club” loud, not “geek social” volumes. Still generous of Microsoft, just wish they would treat it a bit more like an informal Blue Hat.

Friday, August 3rd, 2007 – DEF CON – Day 1

First, the badges issued for DEF CON 15 are neat, but the guy who designed them didn’t really test them. after programming them to scroll custom text (including “osvdb”, “I <3 Satan” and “ATM” depending on who was with me), just walking around caused the badges to get bumped and lose the programming. like previous years, they also ran out of badges within the first four hours of Friday (giving out some 6800 apparently?!)

First meal of the day, Pink Taco at the Hard Rock. Always exceptionally good food and neat atmosphere. This year we had a pitcher of margaritas with a high quality tequila that cost ~ 60 bucks. For a few bucks more it could have been Patron but I didn’t order. Amusing that a bottle of Patron is 700 bucks and another bottle goes for 1100+ (usually about 250 in stores). I know it’s Vegas, but that kind of markup is just stupid. spending money for the sake of showing off, nothing more.

Spent the afternoon walking around the convention, meeting and chatting with various folks new and old. as years before, the vendor area just screams ‘sell out’ with mostly ‘mainstream’ geek stuff and ridiculously overpriced retro/legacy hardware.

Seemingly competing with the Wall of Sheep, another group had a similar display on a different wall, but with logins to various HTTPS sites. one yelled out that they would show how it was done later that night, suggesting a pretty efficient MITM utility. slick stuff

Opting for a quick dinner before the nightly parties, we stopped by the restaurant at the Platinum hotel. Since it had a good lunch menu with conservative prices (for a Vegas hotel), we figured the dinner menu would be good. If so, we sure won’t know! If you are going to charge 40 – 50 dollars a plate, let me give you some advice. First, don’t drench my papers and electronics I set at the corner of the table in water. High class restaurants use wait staff that know to hold a cloth under the pitcher when pouring to avoid that. Second, if you are going to charge more than Roy’s or Nobu, you better have an exciting menu that moves beyond “steak” and you better come with reviews to back that price. After seeing the menu, we apologized and left.

Despite invites to the iDefense party at Body English and another party in a hotel suite by iSIGHT, it was a no brainer to head over to the Bellagio to join Dave Aitel and Immunity at Caramel. This small lounge is beatiful, well staffed and an ideal location to have a social gathering. While chatting, the staff came around with trays of finger foods that put some restaurants to shame. All in all, this was hands down the classiest and nicest get-together at either convention and reminds me why such parties were thrown to begin with.

Saturday, August 4th, 2007 – DEF CON – Day 2

Last day of the convention week for me, sounds more like an orgy of food (more so than previous days), but I assure you the gaps were nothing more than bad memory and little to note!

Began the day with Pink Taco again, this time with Rick and a lot of business talk. Next was a lunch (no, I didn’t eat) with thewronghands and Konstantinos to talk about all things abnormal.

More time passed and I met Steven Christey, Tornio, Jake, Sullo, str0ke and Lyger for a good discussion about vulnerability databases.

More time passed, some booze was consumed and I broke off for a private dinner at PF Changs. Some great discussion and humor to be had, most of us headed back to the Riviera to hang out at the 303 and Ninja parties, which were side by side. Each offered good music, booze and great people. Props to Caesar for the Ninja party and the various 303 thugs, especially Pyro, for their party. 2 or 3am rolled around and off we went, for some sleep before a day of travel.

Sunday, August 5th, 2007 – Travel Musings

Traveling via plane is getting progressively worse it seems. More delays, more crowds, more full flights, more canceled flights and little sign it is getting better. Spudlet and I decided to leave early to try to get out on stand-by. She had to work early Monday, I had to travel again most of the day. We check in about 1 minute apart, both head to the first flight. Neither of us make it on, shift to the second flight available. I manage to get on that and get told that she is “two or three” names down the list. After sitting down I watch eight people board the plane, but no Spudlet. I have since found out that your frequent flyer mileage total help dictate how fast you get a stand-by seat, not when you got on the list.

We push back from the gate, hit the runway and get notified of a one hour delay due to weather in DEN, even though Lyger had just taken off from DEN shortly before. the crew manages to serve most of the plane water, but not me.

After an hour on the runway, we head back to the gate after being notified of an additional 45 minute delay, are given that much time to grab snacks off the plane. Meanwhile, Spudlet was passed up not only for the plane I was on, but one more flight and then got a seat on the fourth flight available. Despite boarding her plane as we were returning to gate, she hadn’t caught wind of the delay until my text messages start rolling in. I get back on my plane just as the gate crew goes wild and stops anyone else from boarding. I quickly learn that my flight crew was ‘illegal’ (worked too many hours that day) and had to get a new crew. Once they were on board, they let the rest of the people back on the plane and we end up leaving the gate short eight people.

Right after leaving the gate my iPod locks up. I’m sitting next to an unhealthy big woman that forces me off one arm rest. i can’t see the movie since the screen dropped down right above my head. overall a pretty bad flight.

All said and done, i land one hour after Spudlet, one hour after my luggage and one hour before my original flight. so getting to the airport at 11:30a instead of 6:30p bought me one hour, and i still walked in the door after midnight.

I mention my luggage above because my suitcase obviously did not travel on the same flight I did. this is a sore point of contention for me, because I am fucking tired of United telling me i can not get on a stand-by list because “you checked your bag, it has to travel on the same flight you do“. I’ve been told that three separate times, all by United gate agents, all quoting some mythical bullshit ‘regulation’ that they selectively enforce. I still need to find out if that is a United or FAA regulation. if the latter, I’m definitely filing a complaint.

Con Summary

The Good:

The Bad:

Exit mobile version